Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qy7jViIVdldirgWbkglQ4tA5Ynk.roa
File:                     Qy7jViIVdldirgWbkglQ4tA5Ynk.roa (raw, json)
Hash identifier:          NWYJ0RTMIVeD2dZZTTE48m1OaJJUXUPcswB3m4NxK/8=
Subject key identifier:   43:2E:E3:56:22:15:76:57:62:AE:05:9B:92:09:50:E2:D0:39:62:79
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018AEF24C9FEE2125750C756A4A4DA3DBCE3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qy7jViIVdldirgWbkglQ4tA5Ynk.roa
Signing time:             Mon 02 Oct 2023 06:48:00 +0000
ROA not before:           Mon 02 Oct 2023 06:48:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        89.213.43.0/24 maxlen: 24
                          89.213.190.0/24 maxlen: 24
                          109.176.208.0/24 maxlen: 24
                          89.213.130.0/24 maxlen: 24
                          89.213.145.0/24 maxlen: 24
                          89.213.146.0/24 maxlen: 24
                          82.152.251.0/24 maxlen: 24
                          82.152.248.0/24 maxlen: 24
                          82.153.1.0/24 maxlen: 24
                          82.152.254.0/24 maxlen: 24
                          89.213.161.0/24 maxlen: 24
                          82.153.132.0/24 maxlen: 24
                          82.153.69.0/24 maxlen: 24
                          82.153.72.0/24 maxlen: 24
                          81.168.116.0/24 maxlen: 24
                          82.153.79.0/24 maxlen: 24
                          81.168.123.0/24 maxlen: 24
                          81.168.120.0/24 maxlen: 24
                          81.168.119.0/24 maxlen: 24
                          81.168.126.0/24 maxlen: 24
                          109.176.247.0/24 maxlen: 24
                          109.176.251.0/24 maxlen: 24
                          185.49.124.0/24 maxlen: 24
                          81.5.189.0/24 maxlen: 24
                          89.213.7.0/24 maxlen: 24
                          89.213.6.0/24 maxlen: 24
                          82.153.224.0/24 maxlen: 24
                          82.153.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 03 Oct 2023 07:19:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ef:24:c9:fe:e2:12:57:50:c7:56:a4:a4:da:3d:bc:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Oct  2 06:48:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=432ee3562215765762ae059b920950e2d0396279
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:dd:0b:50:31:64:82:0d:14:95:e6:69:24:98:
                    01:4e:24:eb:af:10:6e:36:a7:89:d2:3a:36:b9:3b:
                    dc:13:df:3c:1a:42:3a:6a:1d:16:09:1a:fa:32:15:
                    68:9a:34:26:59:65:3d:b7:61:f7:63:a0:b2:56:f6:
                    e9:d8:90:1d:20:b5:2f:51:d6:14:14:ec:1a:f2:a0:
                    56:24:a4:9b:9b:c7:3f:c4:1e:54:1d:87:41:8c:bd:
                    9a:1c:3b:38:d4:0d:92:ce:da:8a:a0:a9:e4:13:00:
                    3f:60:6f:d8:e9:4e:8a:9c:47:40:7a:ef:fe:cf:d3:
                    72:ca:5e:2c:cc:2f:a3:be:4d:d8:94:65:fd:2e:58:
                    37:c0:97:cb:12:48:2b:28:a5:39:bb:c6:9b:16:06:
                    3c:ef:15:3c:ed:37:68:98:fd:a8:df:e4:a1:a8:86:
                    a7:97:1a:38:83:e4:20:89:69:d7:85:1a:1f:2b:26:
                    9a:bc:ae:3e:7c:fe:6b:46:b4:67:bc:ca:cf:82:f1:
                    17:d9:44:8e:b9:7b:dd:1e:be:ca:c7:15:cb:9c:f2:
                    ce:28:b7:5f:c7:cd:85:54:f7:28:04:f0:29:dc:f8:
                    99:bf:b1:ac:9f:ff:aa:27:9b:e8:a1:5c:85:59:9e:
                    cc:d6:96:af:4f:aa:6b:54:10:b9:e4:37:0b:c3:d9:
                    12:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:2E:E3:56:22:15:76:57:62:AE:05:9B:92:09:50:E2:D0:39:62:79
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qy7jViIVdldirgWbkglQ4tA5Ynk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.5.189.0/24
                  81.168.116.0/24
                  81.168.119.0-81.168.120.255
                  81.168.123.0/24
                  81.168.126.0/24
                  82.152.248.0/24
                  82.152.251.0/24
                  82.152.254.0/24
                  82.153.1.0/24
                  82.153.69.0/24
                  82.153.72.0/24
                  82.153.79.0/24
                  82.153.132.0/24
                  82.153.224.0/23
                  89.213.6.0/23
                  89.213.43.0/24
                  89.213.130.0/24
                  89.213.145.0-89.213.146.255
                  89.213.161.0/24
                  89.213.190.0/24
                  109.176.208.0/24
                  109.176.247.0/24
                  109.176.251.0/24
                  185.49.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:a7:c2:b1:9d:6e:c8:f7:c8:3b:45:43:9b:1a:e9:27:b7:76:
         ed:66:3b:1e:78:c0:da:e0:64:f9:bb:07:8b:c1:94:aa:bd:20:
         22:ea:26:99:3b:43:7d:2c:11:57:cf:8c:2d:bc:13:db:b7:5d:
         73:57:1d:e9:ea:f6:f5:f7:ab:af:22:50:c5:8f:8f:b8:f0:63:
         5b:ae:85:f5:2e:98:49:57:01:a1:1b:7e:6a:89:2d:47:63:1c:
         a2:45:be:8d:b9:c8:a4:a9:74:8f:fa:61:86:76:7b:53:c8:0d:
         77:f3:c4:bf:1c:5a:89:a3:21:91:19:ae:e8:5a:eb:ef:6e:90:
         34:49:8f:15:f4:c1:3b:2c:5e:33:1a:50:d3:93:2a:4d:00:27:
         8a:d6:58:9f:8f:e3:03:95:ea:20:18:f1:19:8b:14:3e:35:04:
         e3:52:9b:fd:c3:34:86:af:c3:6e:ec:77:86:04:b7:94:44:56:
         1b:8a:a5:7b:df:3a:8e:4b:74:57:f7:95:16:a0:e5:2c:36:3e:
         59:60:38:4c:7b:e3:00:f7:22:94:b2:9c:5e:2e:b9:24:79:cc:
         96:d9:9f:0b:6f:68:ad:d5:8d:91:38:db:cc:34:26:76:71:a8:
         1b:12:6d:c7:de:30:fd:f6:cf:0d:79:40:cf:d4:d7:ed:59:5a:
         69:fa:d3:73
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYrvJMn+4hJXUMdWpKTaPbzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDAyMDY0ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzJlZTM1NjIyMTU3NjU3NjJhZTA1OWI5MjA5NTBlMmQwMzk2Mjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt0LUDFkgg0UleZpJJgBTiTrrxBu
NqeJ0jo2uTvcE988GkI6ah0WCRr6MhVomjQmWWU9t2H3Y6CyVvbp2JAdILUvUdYU
FOwa8qBWJKSbm8c/xB5UHYdBjL2aHDs41A2SztqKoKnkEwA/YG/Y6U6KnEdAeu/+
z9Nyyl4szC+jvk3YlGX9Llg3wJfLEkgrKKU5u8abFgY87xU87TdomP2o3+ShqIan
lxo4g+QgiWnXhRofKyaavK4+fP5rRrRnvMrPgvEX2USOuXvdHr7KxxXLnPLOKLdf
x82FVPcoBPAp3PiZv7Gsn/+qJ5vooVyFWZ7M1pavT6prVBC55DcLw9kSnwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFEMu41YiFXZXYq4Fm5IJUOLQOWJ5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUXk3alZpSVZkbGRpcmdXYmtnbFE0dEE1WW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBABR
Bb0DBABRqHQwDAMEAFGodwMEAFGoeAMEAFGoewMEAFGofgMEAFKY+AMEAFKY+wME
AFKY/gMEAFKZAQMEAFKZRQMEAFKZSAMEAFKZTwMEAFKZhAMEAVKZ4AMEAVnVBgME
AFnVKwMEAFnVgjAMAwQAWdWRAwQAWdWSAwQAWdWhAwQAWdW+AwQAbbDQAwQAbbD3
AwQAbbD7AwQAuTF8MA0GCSqGSIb3DQEBCwUAA4IBAQCPp8KxnW7I98g7RUObGukn
t3btZjseeMDa4GT5uweLwZSqvSAi6iaZO0N9LBFXz4wtvBPbt11zVx3p6vb196uv
IlDFj4+48GNbroX1LphJVwGhG35qiS1HYxyiRb6NucikqXSP+mGGdntTyA1388S/
HFqJoyGRGa7oWuvvbpA0SY8V9ME7LF4zGlDTkypNACeK1lifj+MDleogGPEZixQ+
NQTjUpv9wzSGr8Nu7HeGBLeURFYbiqV73zqOS3RX95UWoOUsNj5ZYDhMe+MA9yKU
spxeLrkkecyW2Z8Lb2it1Y2RONvMNCZ2cagbEm3H3jD99s8NeUDP1NftWVpp+tNz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:23 2024 by rpki-client on console-ams.rpki-client.org